Bug 53449 - Consider removing update_anon (and perhaps disallow bind_anon) in slapd.conf
Consider removing update_anon (and perhaps disallow bind_anon) in slapd.conf
Status: RESOLVED DUPLICATE of bug 52866
Product: UCS
Classification: Unclassified
Component: LDAP
UCS 5.0
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS maintainers
UCS maintainers
Depends on: 43732 53448
Blocks: 44164
  Show dependency treegraph
Reported: 2021-06-15 16:41 CEST by Ferenc Géczi
Modified: 2021-06-15 18:01 CEST (History)
6 users (show)

See Also:
What kind of report is it?: Development Internal
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:
Bug group (optional): Security
Max CVSS v3 score:


Note You need to log in before you can comment on or make changes to this bug.
Description Ferenc Géczi univentionstaff 2021-06-15 16:41:10 CEST
Currently in UCS, update_anon is allowed,
which is considered dangerous, and perhaps also consider disallow  bind_anon.
Please consult with Michael Ströder <stroeder@univention.de>

Comment 1 Philipp Hahn univentionstaff 2021-06-15 18:01:02 CEST

*** This bug has been marked as a duplicate of bug 52866 ***